Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

SMS-Controlled Malware Hijacking Android Phones

samzenpus posted more than 2 years ago | from the Taking-over dept.

Android 94

wiredmikey writes "Security researchers have discovered new Android malware controlled via SMS that can do a number of things on the compromised device including recording calls and surrounding noise. Called TigerBot, the recently discovered malware was found circulating in the wild via non-official Android channels. Based on the code examination, the researchers from NQ Mobile, alongside researchers at North Carolina State University said that TigerBot can record sounds in the immediate area of the device, as well as calls themselves. It also has the ability to alter network settings, report its current GPS coordinates, capture and upload images, kill other processes, and reboot the phone. TigerBot will hide itself on a compromised device by forgoing an icon on the home screen, and by masking itself with a legit application name such as Flash or System. Once installed and active, it will register a receiver with a high priority to listen to the intent with action 'android.provider.Telephony.SMS_RECEIVED.'"

cancel ×

94 comments

Sorry! There are no comments related to the filter you selected.

NQ Mobile link (2)

OzPeter (195038) | more than 2 years ago | (#39619883)

Re:NQ Mobile link (2)

tripleevenfall (1990004) | more than 2 years ago | (#39619953)

I'm having a hard time understanding why anyone would install the typical greyware apps from a random source outside of the android market... seems pretty risky.

Re:NQ Mobile link (0, Flamebait)

OzPeter (195038) | more than 2 years ago | (#39620021)

I'm having a hard time understanding why anyone would install the typical greyware apps from a random source outside of the android market... seems pretty risky.

Because they're free to do so .. not like those Apple hipsters that force you to use their walled garden.
 
What's the point of a differentiating your market (walled vs non-walled) if your customers can't exploit all of the possibilities?
 
So the Android crowd has traded oversight for freedom, and rationalized that the risk is worth it..

Re:NQ Mobile link (1)

tripleevenfall (1990004) | more than 2 years ago | (#39620121)

I've used both platforms, and both seem to have an 'approved' appstore and both can access others by jailbreaking (sic). Even the android phones I used were locked down by the carrier to only use the 'real' appstore. I don't see what the substantive difference is in those kinds of cases.

Re:NQ Mobile link (2)

chrb (1083577) | more than 2 years ago | (#39620579)

both can access others by jailbreaking (sic)

Most Android phones will, without rooting, happily allow you to load an .apk archive from the web, or over USB (with debugging enabled in settings), or to add a new app store (enable "unknown sources" in settings). The only carrier I heard of that blocked third party app stores was AT&T, and they caved when their customers started demanding access to the Amazon Appstore. There are millions of people using the Amazon Appstore, and the vast majority have not jailbroken their phones. Even the Amazon specific Kindle Fire allows adding alternative app stores.

Re:NQ Mobile link (0)

Anonymous Coward | more than 2 years ago | (#39621501)

AT&T promised to make available the ability to use other app stores like Amazon. They even said when that ability would be available. Then they reneged and never made it available on my wife's or daughter's HTC Aria. They still cannot check the box to enable unknown sources since it doesn't show up. They don't bother to update the devices either.

Re:NQ Mobile link (1)

Krojack (575051) | more than 2 years ago | (#39620665)

I've used 2 different Android phones from 2 different carriers. Neither were locked down.

Settings -> Applications and check "Unknown sources" which is always disabled by default.

Re:NQ Mobile link (4, Informative)

mean pun (717227) | more than 2 years ago | (#39621759)

I've used both platforms, and both seem to have an 'approved' appstore and both can access others by jailbreaking (sic). Even the android phones I used were locked down by the carrier to only use the 'real' appstore. I don't see what the substantive difference is in those kinds of cases.

Apart from what others have posted: the apps in the Google App store are hardly vetted: any developer can post whatever s/he likes, and it is immediately available in the store. Google may remove the app later on if it breaks some of the rules, and I don't think that happens very often. In contrast, Apple checks every version of every app, and only when it is approved it is published.

Re:NQ Mobile link (1)

dudpixel (1429789) | more than 2 years ago | (#39626939)

Google do run automated checks against every app that is submitted on android market.

It works much like antivirus I suppose, and is continually improving. This is since mid 2011.

Its not as "free for all" as you might expect.

Apple have gone for a more radical approach, but remember there are pros and cons with both.

Just owning an android phone does not mean you will have your data compromised.

Re:NQ Mobile link (1)

Xest (935314) | more than 2 years ago | (#39629309)

In reality Apple's checks wont be much better anyway, there's now over 600,000 apps on the app store, and only 4 years since the app store opened up which means an average of over 400 apps submitted each day.

To do any kind of worthwhile security audit on that you'd need more than a day per app, and you'd need some pretty skilled staff. Factor in weekends, and holidays, and you'll be looking at well over 1,000 staff just to do this. you then have to factor in costs of supporting those staff - premises, electricity, hardware, software. Of course, all this ignores app updates, which would similarly need to be audited to ensure change in functionality doesn't introduce new exploits.

Honestly, I don't buy this- it's not the cost factor, we all know Apple has money, but I'm not convinced they'd even find and retain the numbers of staff they'd need with the relevant skillsets to be able to realiably audit apps to a decent level. I'm not even convinced the cost/benefit ratio really works out.

Realistically Apple itself probably doesn't do much more than automated checks, with perhaps a bunch of low level fairly low paid staff to actually use the app and see what it does, whether it works, whether it has any banned content etc.

Primarily what Apple's system allows is censorship and security theatre - they can pretend everything is vetted, safe, and secure, but that doesn't mean it is.

Re:NQ Mobile link (1)

mean pun (717227) | more than 2 years ago | (#39631979)

I think you underestimate the repetition there is in the app market: identical book wrappers around hundred of different books, club/idol fan apps that are identical except for a few logos and urls, and so on. And not every app is regularly updated.

Moreover, Apple has strict guidelines about good coding practices, and they have the tools to enforce them on the source code. That's much more than the Android market does, even counting the virus checking that the parent post mentions. So even if all Apple would do is run code inspection tools, there would be significant difference in `vettedness'. In reality they must have tools to make sure that a supposedly innocent book wrapper doesn't use any network communication at all, and similar common-sense checks, and they will have have some knowledgable people that handle the difficult cases. Last but not least, one reason they have this reputation for capricious rejections is that they err on the side of caution.

Calling all this just security theater is not realistic. No, it will not catch every bug and malicious trick, but I'm sure the lock on your front door can also be picked by a competent burglar, and that doesn't make that lock security theater.

Both the Android and the Apple approach have their advantages. It's a bit like a holiday: some people prefer organized trips, some people prefer to do all the planning themselves. But do not underestimate the value of the organized trip to some people; it gets them to places they would not go otherwise.

Re:NQ Mobile link (1)

Xest (935314) | more than 2 years ago | (#39642075)

Whilst the points you mention may improve quality, they do absolutely nothing to protect against a determined attacker and that's precisely the problem here. Repetition and so forth is entirely irrelevant, the same features do not equate to the same executable code, and when the executable code is different there is always scope for subtle introduction of an exploit.

Code inspection tools aren't going to highlight any differences as a result of improved code quality though regardless, the fact is that the code still has to compile down to the same byte code to perform certain actions i.e. network access, because that's just how things work, hardware like network cards and so forth have fixed protocols between the software and hardware, a VM similarly does so on top of that so knowing when network access or general hardware usage occurs is something that'll be testable between code verification tools to the exact same degree.

The problem is what is being sent over the network, what is being sent to the CPU, written to the hard disk and so forth and there's really no automated way to check anything other than the most common attacks. Only a manual code audit by someone skilled in reverse engineering is going to give a higher level of confidence and as I say - there's absolutely no way Apple do that because finding the talent and the time is just too unrealistic.

So Apple's checks ARE security theatre, what they do do is allow for higher quality apps, and better control of content so you can keep your store porn free or whatever, so sure they're not without merit, but they're absolutely not a security tool. The only caveat I'd say about this is that filtering app quality can in itself have the side effect of making malicious software harder to get onto the device in that someone actually has to write a useful app to embed their malicious software in for it to pass quality checks, whereas on the Android marketplace no one checks your app even works to do what it's advertised to do. Fundamentally though the point is that you can get malicious software onto the Android marketplace and Apple marketplace equally if you're determined, but when you have to write a working app for the Apple marketplace, and when Apple only hold 15% of the smartphone marketshare anyway compared to Android's 50%+ it's often just not worth it.

You are therefore right if you say Apple's store is less prone to malicious software, certainly it is, but it's no better protected by any kind of security checks Apple does when they vet apps and that's my point here - they are not the factor in protecting the store. Apple's manual vetting is entirely about application quality, and not about security - again, I guarantee they just wont be able to get the staff with the skills in the numbers they need to do proper manual security vetting on apps, and no, the automated checks are not going to be any better at Apple than Google - I'd argue if anything Google's experience in topics like machine learning and detection of malicious websites means it's actually far far better placed to build better automated security checking tools than Apple, but automated tools still only go so far.

Re:NQ Mobile link (3, Insightful)

Anonymous Coward | more than 2 years ago | (#39620237)

That's not the WHY though.

They WHY is because people with the 'click' mentality, that is stronger on a mobile, have less fear of adding a possibly infected program. I just don't think the regular Joes of the world have as much awareness of possible malware laden software when it comes to their phone.

Re:NQ Mobile link (0)

Anonymous Coward | more than 2 years ago | (#39620159)

Because the fandroids constantly crow about being able to install apps from other sources. That is until stuff like this surfaces then the backtrack and then post some canned excuse about how you shouldn't install anything from outside of the Google market. You can't have it both ways, fandroids.

Re:NQ Mobile link (1)

scot4875 (542869) | more than 2 years ago | (#39620559)

You can't have it both ways, fandroids.

We aren't trying to. It's a known risk. And your walled garden doesn't seem to do a very good job of keeping out spyware either, so it doesn't even seem to be much of a tradeoff. (See the recent report that apps in the iTunes store leak sensitive information more than apps available from alternate locations for jailbroken phones)

--Jeremy

Re:NQ Mobile link (0)

Anonymous Coward | more than 2 years ago | (#39621093)

BS. There has yet to be a proven sensitive info leak on the iPhone. In fact, there has yet to ever be a compromised iPhone out in the wild, other than jailbroken ones set to the default password, or morons using Installious.

If *anyone* had a compromised iPhone, they would be screaming to the press, Apple, their telco, and every source. However, this has yet to happen. So, if someone values their data, and not just wants to let any hacker turn their device into a spam machine, they go iOS.

Come back when you can prove your device has been proven to be 100% secure against malware, and has been since 2007.

Re:NQ Mobile link (2)

SQLGuru (980662) | more than 2 years ago | (#39621409)

Apparently you didn't read about Path. In this instance, iOS was very open in terms of what an application could access without asking the user (contacts). Any app could do the same as well. No jailbreak needed.

Not saying that other mobile operating systems are better.....just countering your sensitive info leak point.

http://articles.latimes.com/2012/feb/08/business/la-fi-tn-path-ceo-dave-morin-we-are-sorry-20120208 [latimes.com]

Re:NQ Mobile link (0)

Anonymous Coward | more than 2 years ago | (#39632017)

1) Two words: Charlie Miller.

That's the guy who proved that you can submit an app that was a Command-And-Control malware, have it downloaded at least 10k times, and nobody be any wiser for it.

Remember, the only reason why his app was banned (and the flashlight tether, and the .... ) is because it became public knowledge; he specifically told the news / security sites, and that's when it was booted off.

2) Jailbreaking.

Jailbreaking is malware; it is an app (or a PDF, as was that case a year ago) that contains a privilege escalation vulnerability. Apps (and PDFs) should never have this functionality. The only apps that should "superuser" access legit should be system tools that specifically switch users (UAC and su simplifies a temporary user-switch)

Booyah, wrong agian!

Everyone should be like AC. (4, Interesting)

Picass0 (147474) | more than 2 years ago | (#39620891)

I guess nobody ever roots their iPhones to install homebrew software. All of those rooting videos on youtube must be my imagination.

@AC - Just because YOU don't have a need or desire to install software from alternative sources doesn't mean nobody else should. That's not even a platform specific desire. Apple or Android - if you own a smartphone you have a portable computer in your pocket. There will always be people who want to tinker and think outside the box and push the limits of what they can do WITH A DEVICE THEY OWN. They shouldn't have to play by Apple's rules, Google's rules, or yours. It doesn't make them 'fandroids', it makes them curious.

Re:NQ Mobile link (4, Informative)

tlhIngan (30335) | more than 2 years ago | (#39620279)

I'm having a hard time understanding why anyone would install the typical greyware apps from a random source outside of the android market... seems pretty risky.

Easy - piracy. It's the same reason people will happily torrent new release games and applications and run them on their PCs, or download Windows 7 to install on a brand new PC. Hell, malware infested versions of OS X and Photoshop abounded a couple of years ago (they installed a botnet client during the install).

And face it - a large number of places do not support Google Wallet/Checkout/whatever, especially in places like China. They might now, but once a habit is ingrained, it tends to stay such.

These sites popped up because of that (you couldn't get the app otherwise) and the end result is they florished and people pretty much got used to the idea of "apps are free" - why pay $2 at Play when your favorite app site has it for free within hours? And if you didn't know of any, your friends who told you what phone to get will steer you in the right direction.

Even Google's DRM thing isn't that effective - I have seen many DRM-cracker apps available on the torrents that remove it from an APK file.

And let's not even begin to talk about AOSP-based phones which have to be rooted/hacked to run Play - it's often easier to just download the damn app for free than hack in Play or hope that whatever market came with the device (if any) will carry it.

For those, perhaps many of these stores have their own market apps and they get preloaded, so users don't know any better. Especially if normal developers also use those stores

Heck, you should see the iOS piracy sites sometimes - they get overrun with people who buy the latest Apple iDevice and plead "HOW DO I INSTALL?!?!? I NEED IT NOW!!!" long before jailbreaks are released (you have to jailbreak to install the modified installer binary to allow unsigned stuff to run). Of course, without that 15-minute Google refund thing, new apps actually have to be bought and paid for, so app selection is far more limited.

That, and Apple tends to ensure everywhere they can officially buy devices to access the App Store, Apple is right there willing to sell. (The biggest news is that Apple finally allowed Chinese customers pay in Yuan instead of US dollars).

Re:NQ Mobile link (2)

Rasperin (1034758) | more than 2 years ago | (#39620595)

How about for apps like the Amazon app store (where you get the free app of the day) and the Hulu app (which is a free app, but isn't on the market for my Samsung Galaxy S II) I had to download a hacked version of it to run it on my phone.

Ur presence is requested (0)

Anonymous Coward | more than 2 years ago | (#39622265)

Re:Ur presence is requested (1)

Rasperin (1034758) | more than 2 years ago | (#39622837)

Replied.

Rasperin ADMITS HE WAS WRONG? (0)

Anonymous Coward | more than 2 years ago | (#39625583)

YOU ADMIT ERROR: U FAILED -> http://news.slashdot.org/comments.pl?sid=2772023&cid=39624889 [slashdot.org] U FAIL, troll, badly... admitting you failed.

The result of ur reply, Rasperin? (0)

Anonymous Coward | more than 2 years ago | (#39626083)

"Accepted that I was wrong that Hilton.com IS using Windows." - by Rasperin (1034758) on Monday April 09, @06:25PM (#39624293) Don't come in here calling others shit, shill, or troll again (or you'll get the SAME result, again). You've been fairly warned.

The end result Rasperin... (0)

Anonymous Coward | more than 2 years ago | (#39626075)

"Accepted that I was wrong that Hilton.com IS using Windows." - by Rasperin (1034758) on Monday April 09, @06:25PM (#39624293) Don't come in here calling others shit, shill, or troll again (or you'll get the SAME result, again). You've been fairly warned.

Re:NQ Mobile link (0)

santosh.k83 (2442182) | more than 2 years ago | (#39620787)

And this is the reason I'll never own a smartphone. I've a 'dumbphone' right now, and after it dies I'm going back to being reachable through landline, and those who absolutely must have a mobile number can go stuff it...

Re:NQ Mobile link (0)

Anonymous Coward | more than 2 years ago | (#39621747)

I fully support this line of reasoning. I mean, my compter got a virus once, so I replaced it with a typewriter. Then I hurt my finger trying to unjam it, so I moved on to pencil and paper. Then one time an electrical short in a light gave me a shock, so I went to candlelight. Of course I eventually buned myself on a candle, so I decided to rely solely on the sun for light. At least until I got a sunburn and realized the best answer was to just live in a dark hole.

--sent from my smoke signals
          --smoke generated by forest fires since a fireplace is dangerous. really I just wait for a fire somewhere in the world to generate smoke that can be interpreted in a manner that would relay a message I agree with, and then I tell people that message was mine. it's a slow process. sorry for the typos, eventually I just have to decide that a message is close enough, although waiting for this disclaimer isn't all that efficient either.

Re:NQ Mobile link (1)

SiChemist (575005) | more than 2 years ago | (#39621935)

You forgot to tell people to get off your lawn.

Re:NQ Mobile link (0)

Anonymous Coward | more than 2 years ago | (#39623591)

And custom roms. I've yet to hear about anyone integrating malware with a custom rom (other than network providers with carrierIQ), but it's bound to happen sooner or later. I still use Cyanogenmod though. Just be aware that you are making a choice to trust the people behind it.

Re:NQ Mobile link (1)

Inda (580031) | more than 2 years ago | (#39629217)

The largest problem with 'grey' sites is the constant stream of app updates that the market (Play) will not handle. I have uninstalled most of my apps because of crashes and bugs - both of which are probably fixed but I couldn't find the APKs quickly.

Re:NQ Mobile link (2)

Hentes (2461350) | more than 2 years ago | (#39620705)

From the articles it seems that the malware can't circumvent the permission system. If you give unlimited permissions to untrusted apps you have only yourself to blame, but otherwise you don't have to worry about where your apps came from.

Re:NQ Mobile link (1)

WindBourne (631190) | more than 2 years ago | (#39621881)

Actually, some of these come from the market as well. That is why I wish that Google would create another market in which code is looked over for security reasons and then the app is sold (say .99 like Apple's). While I would likely not do this, my 70 y.o. parents as well as my in-laws, WOULD. They need to KNOW that there is very little risk for them. And if it means constraining their selection a bit and having to pay a small amount, they are fine with it. I suspect that a number of regular users would be willing to support it.

Re:NQ Mobile link (2)

thegarbz (1787294) | more than 2 years ago | (#39625435)

I don't understand why anyone would install any non-Microsoft software on a windows computer. It seems pretty risky. I mean there's all sorts of things programs are known for including leaking your information onto the internet, phoning home to the vendor, serving up unwanted ads, and all of that just in legitimate non-malware apps.

It's even worse on windows machines because when I install an application I don't get given a list of specific permissions it has, such as access to my harddisk, internet, webcam, email client, etc. I literally have no idea what will happen when I click on that .exe file.

Computers are too risky to use, as are smartphones. We need to go back to telegraph towers, it's the only way to be safe.

And NC SU link (2)

OzPeter (195038) | more than 2 years ago | (#39619957)

Dr. Xuxian Jiang [ncsu.edu] has been busy identifying all sorts of Android malware.

Frosty! (-1)

Anonymous Coward | more than 2 years ago | (#39619889)

That's a fact!

Naked and petrified.

masking itself with a legit application name... (2, Funny)

Neil_Brown (1568845) | more than 2 years ago | (#39619917)

... such as Flash...

I'm sure there's a joke in here somewhere, but I can't find it...

Re:masking itself with a legit application name... (1)

FunkyLich (2533348) | more than 2 years ago | (#39620037)

I was about to ask how does this malware gets installed in the phones on the first place. But now after reading your post, I can see this was all a joke so I feel safe again.
So... where is the joke anyhow? I don't appreciate you leaving the question half answered, you insensitive clod!

Was anyone else failing reading (1)

dyingtolive (1393037) | more than 2 years ago | (#39619937)

And quietly wondering what "SMS-Controlled Mahjong Android Phones" were?

Re:Was anyone else failing reading (4, Funny)

oodaloop (1229816) | more than 2 years ago | (#39620071)

I thought it said "SOS-Comptroller Malawi Carjacking Androgenous Phonemes". I'm glad I'm not the only one who can't read, and others are willing to share their reading comprehension problems for everyone to enjoy as well.

Not News (5, Insightful)

girlintraining (1395911) | more than 2 years ago | (#39619967)

Downloading things from backwater websites has a higher risk of malware being present than downloading from reputable sources. ...That's some fine detective work there, Lou.

More seriously; It shouldn't come as any surprise that given how valuable your location data and personal information is, and how much of that is stored on a cell phone, and how most companies have declared themselves to have absolute rights to it (go ahead, try and stop us! *evil overlord laugh*), it shouldn't be surprising that other people (legitimately or otherwise) are hopping on the "All Your Privacy Are Belong To Us" gravy train.

So people will be all like "Oh noes! Someone wrote an evil bot!" ... Of course, they'll forget that the malware that the telecos have loaded on your phone makes that look positively amateur.

Re:Not News (0, Informative)

Anonymous Coward | more than 2 years ago | (#39620067)

Downloading things from backwater websites has a higher risk of malware being present than downloading from reputable sources

And yet we hear constantly that the ability to do this is one of the major features of Android - its openness.

Can't have it both ways, sport. If you want to crow about your openness, you can't downplay the existence and risk of malware like this.

Re:Not News (2, Insightful)

Anonymous Coward | more than 2 years ago | (#39620185)

It's about options.

Android phones come pre-configured to block third-party downloads and they restrict you to the Play Store. Nearly every single one of these reports of Android malware are through other sources, so devices are protected.

Unlike Apple, though, Android phones give you the CHOICE of whether or not you want to remain under that protection. As simply as checking a box, you can be free to download and run any application you want.

So Android gives you the best of both worlds, while Apple is simply about controlling everything you do.

Re:Not News (0)

Anonymous Coward | more than 2 years ago | (#39620573)

Choice is bad! Now go wait in line for the the next version of the iPhone.

Re:Not News (2)

chrb (1083577) | more than 2 years ago | (#39620773)

If you want to crow about your openness, you can't downplay the existence and risk of malware like this.

That's like saying that if people have the freedom to choose their own sexual partners, then you can't downplay the existence and risk of sexually transmitted infections. It is a true statement, but the probability of contracting an STI is much higher if you have lots of sex with random strangers that you meet over the internet, than if you have sex with a single known long term partner. And, for many people, the freedom of being able to choose a sexual partner is more important than being protected from the risk of choosing the wrong partner.

Re:Not News (0)

Anonymous Coward | more than 2 years ago | (#39624389)

And, for many people, the freedom of being able to choose a sexual partner is more important than being protected from the risk of choosing the wrong partner.

Which just makes it even more foolish for those with the freedom to choose a sexual partner to willingly blind themselves to the risks, and downplay the risks because "at least I can choose." Having the freedom to choose carries with it the responsibility to choose wisely.

And even the "official" channels do precious little vetting of the applications themselves... it's sort of like saying, "Well I met her at the Regal Beagle, that's a classy place, no need to worry about diseases, I'm going in bareback!"

Re:Not News (1)

dudpixel (1429789) | more than 2 years ago | (#39626951)

I'm having difficulty with the apple equivalent of your analogy...

Re:Not News (1)

Bert64 (520050) | more than 2 years ago | (#39628393)

Having the ability to do this is a good thing, and its aimed at people who fully understand the risks...

These options are not intended for the average user, which is why they are not enabled by default... Although the ability to install packages from untrusted sources could be a bit more difficult for users to just stumble across, it is at least a relatively advanced process to get root.

Re:Not News (3, Interesting)

OzPeter (195038) | more than 2 years ago | (#39620095)

Downloading from reputable sources

I'm genuinely curious .. how does the Android marketplace (and I mean this generally) define and validate a "reputable source'?

Re:Not News (0)

Anonymous Coward | more than 2 years ago | (#39620189)

I asked myself that same question when I got my first Android phone a month ago and refused to create a Google account to load applications. In the end, you have to define what is reputable yourself and you do it the same way you did before with your computer, you simply have to decide if you trust the download link or not. Since I can't use the official google market place, I found a few application through the Opera app store. I trust Opera enough, but I still do some research on everything I install. In some other scenario, I found the application I wanted available directly on sourceforge or some such source, like K9-mail.

Re:Not News (0)

Anonymous Coward | more than 2 years ago | (#39621687)

Honestly if you aren't going to create a Google account - you cripple the usefulness of the device if you don't buy in to the Google services. Your contacts? Automatically backed up to Google. All these whiny "I lost my phone / my SIM died / etc. so all my contacts are gone" things from people are completely bogus when you just allow your contacts to be on Google. And that's just the first service. Tying in Gmail, Google Voice, Maps, and the rest of it makes the phone truly extremely functional. But, you are certainly allowed to be scared of Google and not create an account. It is just that you have to make the tradeoff of the extra privacy you may get by tossing out the functionality that was offered in exchange for it. Most of us find the phone to be amazing when all of the Google features are turned on.

Re:Not News (1)

chrb (1083577) | more than 2 years ago | (#39620959)

Downloading things from backwater websites has a higher risk of malware being present than downloading from reputable sources

how does the Android marketplace (and I mean this generally) define and validate a "reputable source'?

The same way you defined and validated a "reputable source" before - we have had personal computers for several decades now, and this problem has always existed, and yet we managed to cope.

There is no magic bullet solution - the Apple app store has exactly the same problem, in that you are allowing a random unknown developer somewhere in the world to run his code on your device. The only difference is that, with Apple's store, the developer has to pay some money to register. It's a slightly higher financial barrier, but it's not going to be a deterrent for serious criminals.

I suspect the real reason that the iPhone has seen less malware targetting it is that the majority of the mobile malware out there is "premium rate SMS" fraud. If Android apps just blocked, or required user confirmation for, premium rate numbers and SMS texts, then this particular financial motive would disappear.

In Other News (4, Funny)

Bigby (659157) | more than 2 years ago | (#39619975)

If you root your phone, your phone could be rooted!

I can't record on my Android phone but... (3, Funny)

acidradio (659704) | more than 2 years ago | (#39620013)

I can't record my own audio on my Android phone but a malware app can? So let me get this straight - to get what I believe should be a regular functionality I have to have someone install a malware app? Ridiculous. This is almost like giving someone syphillis to cure them of AIDS!

Re:I can't record on my Android phone but... (1)

bartoku (922448) | more than 2 years ago | (#39620317)

I came hear to complain about the same thing. I have had little luck with Android phone recording apps. If they sold this Trojan in the Android Market, I mean Google Play, they could make some mad cash!

Re:I can't record on my Android phone but... (2)

jeffmeden (135043) | more than 2 years ago | (#39620347)

I can't record my own audio on my Android phone but a malware app can? So let me get this straight - to get what I believe should be a regular functionality I have to have someone install a malware app? Ridiculous. This is almost like giving someone syphillis to cure them of AIDS!

FUD much? Like there aren't a dozen call recording apps in the (legit version of the) app market, that keep you miles away from any malware like this article mentions?

Re:I can't record on my Android phone but... (1)

InvisibleClergy (1430277) | more than 2 years ago | (#39621109)

But all of them require you to turn on speakerphone mode, since they can't record directly from the mouthpiece. At least, last time I checked, that was true.

Re:I can't record on my Android phone but... (1)

LiENUS (207736) | more than 2 years ago | (#39622101)

Not all do. I use total recall call recorder on my galaxy s2 just fine without speakerphone.

Re:I can't record on my Android phone but... (0)

Anonymous Coward | more than 2 years ago | (#39623767)

I've used a large number of phone (and general sound) recording apps from Android store, and not a single one of them required using speakerphone to record anything. Not even two years ago!

Re:I can't record on my Android phone but... (0)

the_humeister (922869) | more than 2 years ago | (#39620575)

Honestly, I'd rather have syphilis than AIDS. At least there's a cure for syphilis: penicillin. There's not cure for AIDS yet.

Re:I can't record on my Android phone but... (1)

jojoba_oil (1071932) | more than 2 years ago | (#39622579)

Just hope that you're not allergic to penicillin!

Re:I can't record on my Android phone but... (0)

Anonymous Coward | more than 2 years ago | (#39620683)

I can't record my own audio on my Android phone but a malware app can? So let me get this straight - to get what I believe should be a regular functionality I have to have someone install a malware app? Ridiculous. This is almost like giving someone syphillis to cure them of AIDS!

Actually, that'd be a pretty sweet deal for those infected with AIDS; because Syphillis has been completely curable in all 3 stages for decades...

Re:I can't record on my Android phone but... (0)

Anonymous Coward | more than 2 years ago | (#39620803)

Hertz

So.. How Does it Record Calls? (0)

CanHasDIY (1672858) | more than 2 years ago | (#39620203)

I've been waiting for an app that allows me to directly record calls on my DX... now, it seems someone has figured out how to make that happen.

On the downside, they stuck the code in some malware I have no intention of installing.

On the up side, someone wrote the code that allows such recording, so making an app that utilizes said code without the whole 'botnet' aspect should be fairly easy, right?

Re:So.. How Does it Record Calls? (3, Informative)

robmv (855035) | more than 2 years ago | (#39620509)

ohh please stop trolling and use the Market/Play search box [google.com]

Re:So.. How Does it Record Calls? (1)

H0p313ss (811249) | more than 2 years ago | (#39620571)

... my kingdom for a mod point...

Re:So.. How Does it Record Calls? (4, Insightful)

geminidomino (614729) | more than 2 years ago | (#39620631)

Was going to mod you down, but I'll post instead. Did you even LOOK at the results page you linked to? There are a handful of call recording apps (which don't seem to work on most phones. I've tried all of the ones on page 1 on both my Moment and my Evo 4G), and nine hundred and something apps with the word "call" or "record" somewhere in there.

You'd think that an app store run by google would have smarter search capabilities...

Re:So.. How Does it Record Calls? (0)

Anonymous Coward | more than 2 years ago | (#39620765)

He's not trolling as much as it seems. Not all phones have the hardware necessary to record both sides of the call and many that do don't have the software set up to allow it.

Re:So.. How Does it Record Calls? (2)

CanHasDIY (1672858) | more than 2 years ago | (#39621063)

ohh please stop trolling and use the Market/Play search box [google.com]

At last check (which, granted, was several months ago) all "call recording" apps for the DX do not record the call stream, but rather use the speaker to record calls through the mic.

But by all means, continue with your childish assumptions. After all, what fun would the internet be if everyone actually owned a clue?

Re:So.. How Does it Record Calls? (2)

GIL_Dude (850471) | more than 2 years ago | (#39621751)

One solution would be to use Google Voice and allow the call to be recorded on Google's system. Then you can access the recording from your phone, your computer, etc. I got my GV number well before you could "port" a number to GV, so I got a new number. I know that is a deal breaker for some folks so look into porting your existing number to GV. It definitely lets you record calls with no problem at all.

I guess I should point out that the service is still mostly USA only.

Re:So.. How Does it Record Calls? (1)

CanHasDIY (1672858) | more than 2 years ago | (#39621937)

One solution would be to use Google Voice and allow the call to be recorded on Google's system. Then you can access the recording from your phone, your computer, etc. I got my GV number well before you could "port" a number to GV, so I got a new number. I know that is a deal breaker for some folks so look into porting your existing number to GV. It definitely lets you record calls with no problem at all. I guess I should point out that the service is still mostly USA only.

Although my goal would be to have a local recording (i.e., process is not reliant on someone else's equipment), I'll have to check your solution out. While not ideal, it's better than nothing.

Much 'preciated.

Re:So.. How Does it Record Calls? (1)

lostfayth (1184371) | more than 2 years ago | (#39630201)

Using sipdroid with Google Voice or any SIP provider you can record calls locally, silently and if wanted, automatically. I assume other similar apps (like csipsimple) behave similarly, but I've only used sipdroid personally.

Google Voice alone will record calls if you press 4 during the call, but does not record locally and announces that you are recording to both sides of the call. You have to enable this feature first. See: http://support.google.com/voice/bin/answer.py?hl=en&answer=115082 [google.com]

As always, be familiar with the laws about recording telephone calls in your jurisdiction. If unsure, don't. ;)

Re:So.. How Does it Record Calls? (1)

lostfayth (1184371) | more than 2 years ago | (#39630281)

Oh, and so you're aware, Google Voice (alone) cannot record outbound calls. Page linked in my previous post explains that as well. Apps such as sipdroid do not have this limitation.

Re:So.. How Does it Record Calls? (1)

CanHasDIY (1672858) | more than 2 years ago | (#39631469)

Thanks, I'll be looking into your suggestion.

As always, be familiar with the laws about recording telephone calls in your jurisdiction. If unsure, don't. ;)

Good advice; Fortunately, I live in a "one-party consent" state, meaning that so long as at least 1 person in the call knows it's being recorded, everything is legal beagle :D

Re:So.. How Does it Record Calls? (1)

robmv (855035) | more than 2 years ago | (#39622311)

someone wrote the code that allows such recording

The same kind of hacks those applications do, so you want the same thing that malware do without the malware part, so I pointed you to the search where the first and second application tell you that there is no API for that and that they some tricks (that works on some devices

Re:So.. How Does it Record Calls? (1)

Inda (580031) | more than 2 years ago | (#39629263)

Not true.

Total Recall rings a bell. It's the app I was using to record calls before it started behaving badly on my S2 and I had to uninstall it (warez, say no more).

It was a fantastic app though.

Re:So.. How Does it Record Calls? (1)

CanHasDIY (1672858) | more than 2 years ago | (#39631431)

Samsung S2 != Motorola DX

If I'm not mistaken (which I could be, as it's been some time since I researched this), Motorola actually locks the call stream access functionality out of their devices at the hardware level, meaning that no matter what, an app cannot access the inbound call stream.

Why they would do this to their customers is beyond me.

Google market "Play Store" search blows (1)

Picass0 (147474) | more than 2 years ago | (#39621509)

A app store put together by Google has a crappy search engine. Talk about irony.

When I search for stuff in the Play Store (what a stupid name change) the problem usually isn't no results. The issues is there's no preferences to sort by highest rated or other criteria. Most searches return dozens of hits but it's a mixed bag as far as relevancy.

BLAME China ( Again ) ( Score: +10, Interesting ) (-1)

Anonymous Coward | more than 2 years ago | (#39620229)

again.

Re:BLAME China ( Again ) ( Score: +10, Interesting (0)

Anonymous Coward | more than 2 years ago | (#39620983)

Oh, sneaky. \o/

Missing key information (5, Insightful)

Scutter (18425) | more than 2 years ago | (#39620353)

This is not the first Android malware reported, and the story is always missing three key pieces of information:

1) What applications (or sites) were hosting the malware so that we can check to see if we have those apps.

2) How to tell if you are infected (and saying "it will register a receiver with a high priority to listen to the intent with action 'android.provider.Telephony.SMS_RECEIVED" doesn't really explain anything, especially to the layperson).

3) What to do about it if you are infected.

This story is no different

Re:Missing key information (0)

Anonymous Coward | more than 2 years ago | (#39620625)

I agree, there is no information in this article.

Re:Missing key information (0)

Anonymous Coward | more than 2 years ago | (#39620677)

Those answers would take some research. The linked article is just a PR release wrapped in a standard news story layout for publicity. Security Week blindly published it as is. Knowing the real threat would take away from the FUD and the "shock and awe" away of the story. I'm sure the researchers at NQ who found the "virus" in the wild" have no real interest in people knowing the actual impact.

Re:Missing key information (3, Informative)

Critical Facilities (850111) | more than 2 years ago | (#39622121)

2) How to tell if you are infected

3) What to do about it if you are infected

This [avg.com] would probably be a good place to start.

Re:Missing key information (0)

Anonymous Coward | more than 2 years ago | (#39622407)

No, you are supposed to go to the researchers site who find this virus and wrote the article (NQ Mobile) and buy their software. They have no vested interest in this factless OMG FUD stories, really.

Re:Missing key information (1)

dudpixel (1429789) | more than 2 years ago | (#39626971)

android market already automatically scans all apps for known threats. its like running avg on the store, rather than on your phone.

my recommendation is to use avg etc only for alternative store downloads

Re:Missing key information (1)

gl4ss (559668) | more than 2 years ago | (#39622195)

*
2) How to tell if you are infected (and saying "it will register a receiver with a high priority to listen to the intent with action
'android.provider.Telephony.SMS_RECEIVED" doesn't really explain anything, especially to the layperson).
*
I guess if you knew the control sequence on the sms you could try sending yourself one and see if it vanishes before the os tells you of an incoming message. that's what you can do on android sms received intent.. you can change your priority to be higher than than the built in apps for that, iirc you just need telephony perms. last time I checked the docs didn't mention this though, friggin obscurity bastards(the info is out there though - and it has valid uses! in fact a smartphone platform where you can't do this if you intent to sucks bigtime). btw this nq-mobile is a commercial outfit so they'll probably sell you sw to catch it. dunno why they'd use sms for the control though, maybe they're fishing for some iranian victims or whatever.

*
3) What to do about it if you are infected.
*
uninstall. though reflash would probably be more appropriate. from the description it seems that it could be just all java/dalvik code that would disappear with just that. they don't mention if it can do silent installs or fetch binaries to run in the linux side over the network or stuff like that though.. it really sounds like the kind of malware that you'd use to spy on your spouse etc stupid shit.

Re:Missing key information (0)

Anonymous Coward | more than 2 years ago | (#39624361)

There are some devices where there is no ability to reflash. Take the Motorola Atrix 2 -- it was only until recently that a stock FXZ was found.

As for SMS, that could easily be a way a C&C server can control its clients.

Re:Missing key information (0)

Anonymous Coward | more than 2 years ago | (#39645665)

Err... That's completely incorrect.

There is always the ability to reflash the original firmware or any firmware officially provided by the device manufacturer. Worst case, you throw the update onto the SD and tell it to reflash. For example, here: http://www.motorola.com/Support/US-EN/Android_Products/ATRIX-2_Software_Update_workround can be thrown onto any Atrix without any issue.

What you're talking about is the ability to flash custom ROMs, which certain models of devices (Moto phones in particular, some older HTC models made last year -- tho they've released the locks, etc.) prohibit. Without the manufacturer signing key (or an exploit, as you mention)

I th4nk you for your time (-1)

Anonymous Coward | more than 2 years ago | (#39620523)

whole has l0st

Only available on mysterious alternative markets (1)

sl4shd0rk (755837) | more than 2 years ago | (#39620981)

This is not available on AndroidMarket/GooglePlay, so how widespread is it?

"TigerBot hasnâ(TM)t yet surfaced in Google Play (formerly Googleâ(TM)s Android Market) but does appear to be making the rounds on alternative markets." TFA [threatpost.com]

Android is shit. (-1)

Anonymous Coward | more than 2 years ago | (#39622219)

Get a job and by an iPhone, losers.

Re:Android is .. ?. (0)

Anonymous Coward | more than 2 years ago | (#39632191)

How do I "by" something? I'm at a loss.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?